Not sure what to call this, back door?

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
me!
Forum Contributor
Posts: 133
Joined: Sat Nov 04, 2006 8:45 pm

Not sure what to call this, back door?

Post by me! »

Hi all,

I have a registration system that checks a DB to confirm that rates and dates for that year are in place before allowing a customer to continue. That work fine, But I want to be able to use and test the system without it being accessible to others. So I was thinking I could just do http://www.mysite.com?bypass=1 That also works, the problem is that the index page also does all of the processing of the registration (3 steps) and I can't seam to keep access to the page :o

This is what I came up with but it don't work... It locks people out fine and allows me in with GET, but the sessions aren't working like I was thinking they would...

Code: Select all

// make sure the information for registrations is set up in the system or else give them and error page
if ($_GET["bypass"] == "yes" || $_SESSION['bypass'] == "1")
    {
    session_start();
    // store session data
    $_SESSION['bypass']=1;
    
    }else{
            if ($reg_year != date("Y")) 
            {
            include_once('not_aval.php');
            die;
            }
           } 
me!
Forum Contributor
Posts: 133
Joined: Sat Nov 04, 2006 8:45 pm

Post by me! »

Oh and the session_start() function is BEFORE the <html> tag:
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

What do you mean when you say you cannot keep access to the page?
User avatar
Mordred
DevNet Resident
Posts: 1579
Joined: Sun Sep 03, 2006 5:19 am
Location: Sofia, Bulgaria

Post by Mordred »

me! wrote:Oh and the session_start() function is BEFORE the <html> tag:
Move it before the if() that uses $_SESSION.
Post Reply